Secure, sustainable and sovereign – a joined-up future for cloud operations

The new challenge of cloud and AI at scale

As organisations expand their digital estates, many are encountering a critical tipping point.

Cloud adoption has enabled agility, but it has also introduced new layers of complexity – fragmented toolchains, unpredictable costs, regulatory pressures, and growing operational risk. At the same time, leaders are under pressure to reduce emissions and costs, increase resilience, and ensure data remains within jurisdictional boundaries.

It’s clear that traditional IT operating models are struggling to keep up.

According to the 2024 Flexera State of the Cloud Report, 89% of organisations are now operating multi-cloud strategies,¹ and many are turning to intelligent AI tooling to manage that complexity. Fortune Business Insights reports that the global AIOps market is expected to reach USD 2.23 billion in 2025, with projections rising to USD 8.64 billion by 2032.²

But while cloud and AI-powered tooling bring speed and automation, they’re not enough on their own. Without coordination and oversight, automation can introduce just as much risk as it removes – especially when applied inconsistently across multi-cloud environments.

Many organisations still rely on patchwork operations – reactive processes, siloed responsibilities, and disconnected governance – which result in missed optimisation opportunities, hidden compliance risks, and spiralling cloud spend.

What’s needed is a shift towards an operating model that brings clarity and control, blending automation, sustainability, security, and sovereignty into a joined-up approach.

A new model for cloud-era operations

This shift isn’t about reinventing IT. It’s about creating the conditions for consistent, intelligent, and trusted operations at scale. That means adopting an approach that unites key capabilities:

• Cloud management that simplifies daily operations while enforcing performance, security, and policy requirements.
• AIOps that introduces intelligence through predictive monitoring, anomaly detection, and automated resolution.
• DevOps models that support both agility and compliance, with reusable deployment patterns and embedded guardrails.
• FinOps and GreenOps practices that help manage spend responsibly and reduce environmental impact.
• Governance frameworks that ensure transparency, support accountability, and align with evolving regulations and data sovereignty rules – CGI’s SovereignOps model is a great example of one of these delivery frameworks.

Organisations that combine these capabilities can transform complexity into confidence, shifting from firefighting to foresight and from silos to service excellence.

What does this look like in practice?

Consider a public sector organisation delivering critical citizen services across multiple cloud platforms. Each environment has its own policies, monitoring tools, and risk profile, making consistent service management almost impossible.

By implementing a unified operating model – one that blends AIOps with centralised cloud management and automated DevOps pipelines – the organisation can gain real-time visibility, ensure consistent policy enforcement, and reduce time to resolution. When sustainability and cost optimisation are also embedded into operations, it’s able to control not only performance, but also its financial and environmental footprint. 

The result is an operating model that’s compliant, resilient and future-ready, without slowing innovation.

If you’re interested in this topic, listen to our latest podcast episode: Bringing clarity to the cloud: how AIOps controls the complexity.

Core capabilities to enable the shift

The ability to bring together these disciplines – cloud, AI, automation, governance, optimisation – is fast becoming a competitive differentiator.

You need:

• Intelligent operations that proactively monitor performance, predict disruptions, and enable faster response.
• Governed operations to ensure auditability, alignment with standards, and policy-driven control.
• Sustainable operations supporting ESG goals, driving cost efficiency, and reducing emissions.
• Sovereign operations that maintain oversight of where data resides and how services are run, meeting the needs of sensitive sectors and national jurisdictions.

These capabilities don’t just solve today’s problems – they build readiness for tomorrow’s opportunities. Organisations that adopt them early will be best placed to deliver trusted services in a landscape that’s constantly evolving.

How do you transition?

Enabling this shift doesn’t happen overnight. It involves a blend of people, processes, and technology change – from re-designing operating models to re-training teams, integrating observability, and embedding compliance into the DevOps lifecycle.

Most importantly, it requires a mindset shift: viewing IT operations not as a set of disconnected tasks, but as a strategic, joined-up enabler of security, sustainability, and sovereignty.
So, where do you start?

1. Begin with a clear operational maturity assessment to understand current gaps across tooling, governance, team structure, and observability.
2. Define target-state outcomes – not just technical, but also regulatory, environmental, and service-level goals.
3. Prioritise changes that build long-term resilience, such as standardised deployment models, AI-enhanced monitoring, and real-time cost and performance visibility.
4. Identify areas where in-house capability is strong, and where you may need specialist support to design, integrate, or accelerate change.

This is where working with partners who understand complex operations, cloud-native tooling, and regulatory alignment can help accelerate your journey. Our Business Consulting and Advisory experts can help you shape your cloud strategy.

Many organisations are now combining native tools from hyperscalers – such as AWS, Microsoft, Google and Oracle – with advisory support, automation overlays, and integrated service delivery to close the gap between ambition and execution.

Make trust your next transformation priority

As technology continues to evolve, the next phase of operational transformation won’t be driven by speed alone – it will be driven by trust.

So the future of cloud operations isn’t just automated. It must be responsible, secure, and sovereign by design. That trust comes from operating models that are observable, intelligent, governed, and sovereignty-aware. Models that enable both agility and accountability, ensuring data is protected, services are compliant, and operations are resilient by design.

At CGI, we work with organisations to build these trusted operating models – tailored to your goals, environments, and regulatory needs.

To explore how we apply these ideas, listen to our Talking Transformation podcast episodes five and six, where we discuss how AI and operational sovereignty are reshaping public services, infrastructure, cloud technology, and beyond.

If you’d like to continue the conversation, please feel free to reach out to me on LinkedIn.

Sources

1 - Flexera (2024) Cloud computing trends: Flexera 2024 State of the Cloud Report
2 - Fortune Business Insights (2025) AIOps Market Size, Share, & Industry Analysis